Difference between revisions of "Tcplay"

From ArchWiki
Jump to: navigation, search
(Created page with "Category:Security Category:File systems de:tcplay {{Article summary start}} {{Article summary text|Setup and usage of tcplay.}} {{Article summary heading|Related}}...")
 
m
(8 intermediate revisions by the same user not shown)
Line 8: Line 8:
 
{{Article summary wiki|TrueCrypt}}
 
{{Article summary wiki|TrueCrypt}}
 
{{Article summary end}}
 
{{Article summary end}}
{{DISPLAYTITLE:dwm}}
+
{{DISPLAYTITLE:tcplay}}
 
+
 
'''tcplay''' is a free (BSD-licensed), pretty much fully featured (including
 
'''tcplay''' is a free (BSD-licensed), pretty much fully featured (including
 
multiple keyfiles, cipher cascades, etc.) and stable TrueCrypt implementation.
 
multiple keyfiles, cipher cascades, etc.) and stable TrueCrypt implementation.
  
This implementation supports mapping (opening) both system and normal TrueCrypt
+
Source: [https://github.com/bwalex/tc-play github project home]
volumes, as well as opening hidden volumes and opening an outer volume while
+
protecting a hidden volume. There is also support to create volumes, including
+
hidden volumes, etc.
+
 
+
Since tcplay uses dm-crypt, it makes full use of any available hardware
+
encryption/decryption support once the volume has been mapped.
+
 
+
It is based solely on the documentation available on the TrueCrypt website,
+
many hours of trial and error and the output of the Linux' TrueCrypt client. As
+
it turns out, most technical documents on TrueCrypt contains mistakes, hence
+
the trial and error approach.
+
  
 
== Installation ==
 
== Installation ==
Install {{Ic|tcplay-git}} from the AUR.
+
Install {{AUR|tcplay}} or {{AUR|tcplay-git}} from the AUR.
  
 
== Encrypting a file as a virtual volume ==
 
== Encrypting a file as a virtual volume ==
Line 33: Line 21:
 
Invoke  
 
Invoke  
  
   # losetup -f
+
   $ losetup -f
  
 
to find the first unused loopback device; in this example, {{Ic|/dev/loop0}}.
 
to find the first unused loopback device; in this example, {{Ic|/dev/loop0}}.
Create a new volume {{Ic|test.tc}}, 20M in size for instance, in the working
+
 
 +
{{Note|As of udev 181-5, the {{Ic|loop}} device module is no longer auto-loaded.}}
 +
 
 +
Create a new container {{Ic|foo.tc}}, 20M in size for instance, in the working
 
directory:
 
directory:
  
   # dd if=/dev/zero of=test.tc bs=1 count=0 seek=20M
+
   # dd if=/dev/zero of=foo.tc bs=1 count=0 seek=20M
   # losetup /dev/loop0 test.tc
+
   # losetup /dev/loop0 foo.tc
 
   # tcplay -c -d /dev/loop0 -a whirlpool -b AES-256-XTS
 
   # tcplay -c -d /dev/loop0 -a whirlpool -b AES-256-XTS
  
 
Enter a secure password for the volume, and confirm the query to overwrite
 
Enter a secure password for the volume, and confirm the query to overwrite
{{Ic|test.tc}} with the new volume. tcplay will then write random data into the
+
{{Ic|foo.tc}} with the new volume. tcplay will then write random data into the
 
volume. Map the volume and create a filesystem on it in order to mount
 
volume. Map the volume and create a filesystem on it in order to mount
  
   # tcplay -m test.tc -d /dev/loop0
+
   # tcplay -m foo.tc -d /dev/loop0
   # mkfs.ext4 /dev/mapper/test.tc
+
   # mkfs.ext4 /dev/mapper/foo.tc
   # mount /dev/mapper/test.tc /mnt/truecrypt/
+
   # mount /dev/mapper/foo.tc /mnt/truecrypt/
  
 
To unset the container,
 
To unset the container,
  
 
   # umount /mnt/truecrypt
 
   # umount /mnt/truecrypt
   # dmsetup remove test.tc
+
   # dmsetup remove foo.tc
 +
  # losetup -d /dev/loop0
 +
 
 +
==Mounting an existing container for a user==
 +
 
 +
Consider {{Ic|/dev/loop0}} the first unused loop device, {{Ic|foo.tc}} the
 +
TrueCrypt container, {{Ic|/home/you/truecrypt/}} the desired mount point. The
 +
user {{Ic|you}} in this example has {{Ic|uid=1000}} and {{Ic|gid=100}}. The
 +
steps for mounting the container as a virtual volume are:
 +
 
 +
# Associate loop device with the container
 +
# Map the container to the loop device
 +
# Mount the container in the filesystem
 +
 
 +
The following commands perform the above actions.
 +
 
 +
  # losetup /dev/loop0 foo.tc
 +
  # tcplay -m foo.tc -d /dev/loop0
 +
  # mount -o nosuid,uid=1000,gid=100 /dev/mapper/foo.tc /home/you/truecrypt/
 +
 
 +
To reverse them:
 +
 
 +
  # umount /home/you/truecrypt/
 +
  # dmsetup remove foo.tc
 
   # losetup -d /dev/loop0
 
   # losetup -d /dev/loop0
  

Revision as of 18:44, 8 July 2013

Summary help replacing me
Setup and usage of tcplay.
Related
Disk Encryption
TrueCrypt

tcplay is a free (BSD-licensed), pretty much fully featured (including multiple keyfiles, cipher cascades, etc.) and stable TrueCrypt implementation.

Source: github project home

Installation

Install tcplayAUR or tcplay-gitAUR from the AUR.

Encrypting a file as a virtual volume

Invoke

 $ losetup -f

to find the first unused loopback device; in this example, /dev/loop0.

Note: As of udev 181-5, the loop device module is no longer auto-loaded.

Create a new container foo.tc, 20M in size for instance, in the working directory:

 # dd if=/dev/zero of=foo.tc bs=1 count=0 seek=20M
 # losetup /dev/loop0 foo.tc
 # tcplay -c -d /dev/loop0 -a whirlpool -b AES-256-XTS

Enter a secure password for the volume, and confirm the query to overwrite foo.tc with the new volume. tcplay will then write random data into the volume. Map the volume and create a filesystem on it in order to mount

 # tcplay -m foo.tc -d /dev/loop0
 # mkfs.ext4 /dev/mapper/foo.tc
 # mount /dev/mapper/foo.tc /mnt/truecrypt/

To unset the container,

 # umount /mnt/truecrypt
 # dmsetup remove foo.tc
 # losetup -d /dev/loop0

Mounting an existing container for a user

Consider /dev/loop0 the first unused loop device, foo.tc the TrueCrypt container, /home/you/truecrypt/ the desired mount point. The user you in this example has uid=1000 and gid=100. The steps for mounting the container as a virtual volume are:

  1. Associate loop device with the container
  2. Map the container to the loop device
  3. Mount the container in the filesystem

The following commands perform the above actions.

 # losetup /dev/loop0 foo.tc
 # tcplay -m foo.tc -d /dev/loop0
 # mount -o nosuid,uid=1000,gid=100 /dev/mapper/foo.tc /home/you/truecrypt/

To reverse them:

 # umount /home/you/truecrypt/
 # dmsetup remove foo.tc
 # losetup -d /dev/loop0

Related links